
Outer_Heaven, have you ever heard of a utility called Hiren's Boot CD? It contains McAfee AV 4.40 and F-Prot Antivirus 3.16b. The CD enables you to run the AV in a DOS environment directly from the CD. When downloaded, you have the ability to update the definitions file via download from McAfee. The CD also contains partitioning tools. The link is http://www.9down.com/modules.php?nam...ticle&sid=5360 for version 7.2
(My post may be a violation of AO rules as well, seeing as how it refers to software that may have been illegally obtained, please delete my post if there is a violation.)

Getting mixed reactions here. Do I even go about trying to fix this or should I try to run one of those programs that are being mentioned on it? And as I was wondering before, should I even bother trying to install an AV on it, or should I go with what Slarty is saying and just reformat?

Generally to slave a HDD requires you to physically place the 'new' HDD into your PC and attach it via your own IDE cables, you might need to reset the pin link on the back to slave, and as this is a laptop, and I imagine you have a desktop, then you also require a bit of kit to allow the laptop HDD to fit your IDE .............

Loxley: Will this allow me to scan his pc with the AV I have on my laptop? Isn't there something along the lines of, if not one, a USB cable that would allow me to connect port to port and it would show up as and allow me to scan it as an external drive?

Haven't asked him if there is anything on his pc that he really needs, but am kinda leaning towards yes seeing how he is asking me if there is anything that I can do to begin with. He wants to take that pc at his house to his bar and hook it up to the bar's speakers and run the music through there.

what are the chances of you getting a second HDD, and cloning it ?
so when it happens again, you just swap and go cloning the ex HDD as a spare again ??

Will most definitely suggest that to him... but if it does happen again, I won't even bother to try and give him a hand with it. I'll tell him to go figure out how to fix it for himself.

These are usable over the internet as well. No need for a network. It's a bit like you described.

@Outer_Heaven:

Loxley: Will this allow me to scan his pc with the AV I have on my laptop?

If the HD is connected to your PC/laptop and if it shows up in your Explorer you can scan it. I would be careful, though, not to open any files. If there is a virus in there somewhere it might infect you.

Outer_heaven,
Just taking a quick look at the HijackThis log I would go with the reinstall. I reckon that it would be faster and safer. The state this computer is in now it will be a lot of work to clean it completely and even when you are done the next time he connects to the internet it will all just come back. As it stands the computer is no longer his. Explain to your friend/boss that it would be more professional to do a clean installation of the machine so you can install all the relevant security tools before he takes it into his club. Save his data either to a USB key or a CD. If he doesn't believe you show him this site and your post.
As for the other points mentioned in this post, programmes like winVNC, VMware etc. let you take control of your computer from a remote location. The computer still needs to be booted from its hard drive so all you would be doing is trying to clean the computer from another computer. It wouldn't really help you with your problem.
mattgilberg's suggestion is better as it allows you to boot your computer from a CD and then scan your hard drive with standard Windows tools. Another CD like that is Bart CD where you build your own boot CD.
Anyway good luck

"America is the only country that went from barbarism to decadence without civilization in between."
"The reason we are so pleased to find other people's secrets is that it distracts public attention from our own."
Oscar Wilde (1854-1900)

What Does it Do?
This toolbar is also a search hijacker and BHO. It will also try to install a number of other applications which according to the terms you agreed to while installing it CAN do! IBIS has been known to prevent you from visiting a number of popular spyware removal sites.

You certainly have an infected PC there, and as was mentioned before, your best bet is to wipe and reinstall.
(make sure you have WinXP SP2 handy when you connect for the first time to Internet) CERT

Although, if you want to try and clean the PC, then there is a sequence of doing this which requires patience, and IMO is a good way to learn about the types of Crapware that is out there.

First, you should try Ewido
There is a trial period with all of the options, afterwards some of these will not function but it will still be usable and it will still update definitions. It is a good tool for finding most of those files that you can't find.

Next you should run Spybot S&D and Ad-Aware SE in Safe Mode, and get CCleaner; this will also get rid of a lot of junk.

Turn off or disable system restore (each time you boot up, some of the nasties are resident in System Volume Information restore points and will continue to execute).

Run your HJT scan and submit to a forum which can show you what to safely delete. The Auto Analyzer is useful to help determine some of the problems, but should be used with caution, as some of the items listed are legit.

After you have gotten the scans from HJT fixed, you should get Microsoft Antispyware Beta and install it on that PC along with SpywareBlaster and SpywareGuard. It may not stop everything this person looks at on the web but it will help in preventing the majority of the stuff. Also you may want to slip a HOSTS file onto the PC, and it will block most of his attempts to reach the sort of sites he likes visiting.

I noticed something else this PC is missing: you should have JRE (Java Runtime Environment) installed, JRE 5.0. It will help also if you insist on using IE.

PC Registered user # 2,336,789,457...

"When the water reaches the upper level, follow the rats." Claude Swanson

Get an external hard drive enclosure that can be purchased at your local Best Buy or Circuit City. Put the drive in it and do a data backup from there. Then reformat the HDD. It's going to take a very long time to fix all of those problems and personally when I see a box that far compromised I would rather not take the chance of some undetected compromise slipping past.

I've worked on a hopeless PC before (my family's) and if I had the option I would have reformatted and reinstalled, but my parents said, 'No, we have irreplaceable files on there (i.e. a recipe for scallops), fix it!' So I had my friend send me AVG free version and MS Anti-Spyware over AOL and I ran those. I started at 5pm and I finished at 1am. I found about 50 viruses with AVG and on MS Anti-Spyware it found 123 separate types of spyware (this does not include the 3000 registry entries it found). So, in short, where there's a will there is a way, but if you have the option to reformat, do it and be done.

I know your type, you think "I'll just get me a costume, rip off the neighborhood kids". Next thing you know, you've got a jet shaped like a skull with lasers on the front!
-The Monarch.

Originally posted here by mattgilberg: Outer_Heaven, have you ever heard of a utility called Hiren's Boot CD? It contains McAfee AV 4.40 and F-Prot Antivirus 3.16b. The CD enables you to run the AV in a DOS environment directly from the CD. When downloaded, you have the ability to update the definitions file via download from McAfee. The CD also contains partitioning tools. The link is http://www.9down.com/modules.php?nam...ticle&sid=5360 for version 7.2
(My post may be a violation of AO rules as well, seeing as how it refers to software that may have been illegally obtained, please delete my post if there is a violation.)

It's a GREAT tool... and very nice in case of emergency! I have a copy in my "toolkit".
Too bad *most* of that is not legal. Well... unless you have a legit copy of all the tools on there.

Quitmzilla is a Firefox extension that gives you stats on how long you have quit smoking, how much money you've saved, how much you haven't smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

Just pull the hard drive and install it into the existing CD-ROM cable. You won't need to change the pin setting, for the CD-ROM should be on its own cable. Run an up-to-date antivirus on it and then move the files needed over to a folder on your desktop. Then run the Format tool by right-clicking on the drive and choosing Format. Then shut down, pull the drive and run the restore. If you need to know where some of the files exist, like Outlook and address book, just let me know and I will help you find it.

Originally posted here by ZomBieMann77: Get an external hard drive enclosure that can be purchased at your local Best Buy or Circuit City. Put the drive in it and do a data backup from there. Then reformat the HDD. It's going to take a very long time to fix all of those problems and personally when I see a box that far compromised I would rather not take the chance of some undetected compromise slipping past.

This guy is spot on.

First of all, you don't even know if AVG and Ad-Aware et al. are going to detect all the nasties on the box. Who knows if there is an as-of-yet undetectable rootkit installed?

You're going to spend hours cleaning, rebooting, re-cleaning, rebooting, re-cleaning, and, in the end, you aren't going to know for sure if the box is completely clean. Pull all the critical documents off, reformat, re-install, and teach your friend how to safely browse the net.

I have gone through the attempt of getting a fudded up PC back to normal so many times, it just isn't worth it. Like an earlier poster said, either spend 7 hours getting the computer back to "normal" or spend 2-3 hours reformatting and re-installing windows.